package cn.edu.ntu.yyl.controller;

import cn.edu.ntu.yyl.pojo.user.Role;
import cn.edu.ntu.yyl.pojo.user.UserInfo;
import cn.edu.ntu.yyl.service.RoleService;
import cn.edu.ntu.yyl.service.UserActionService;
import cn.edu.ntu.yyl.tool.Md5Tool;
import cn.edu.ntu.yyl.tool.code.Check;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import javax.servlet.http.*;

@Controller
public class LoginServlet  extends HttpServlet {

	@Autowired
	RoleService roleService;

	@Autowired
	UserActionService userActionService ;
	//用户登录页
	@GetMapping("/login")
	public String userLogin(){
		return "ucenter/user_login";
	}
	//用户登出
	@RequestMapping("/logout.do")
	public String logout(HttpServletResponse response, HttpSession session, RedirectAttributes attributes){
		//清除cookie：
		Cookie cookie = new Cookie("userId", null);
		cookie.setMaxAge(-1);
		response.addCookie(cookie);
		//销毁session：
		session.invalidate();
		attributes.addFlashAttribute("message", "成功登出");
		return "redirect:/index";
	}
	//用户登录
	@PostMapping("/login")
	protected Object userLogin(HttpServletRequest request, HttpServletResponse response, HttpSession session,Model model,RedirectAttributes attributes) throws Exception {
		response.setContentType("text/html;charset=UTF-8");
		if (login(request,response,session,model,attributes)!=null)	{
			UserInfo userInfo = (UserInfo) session.getAttribute("userInfo");
			Role role = roleService.SelectByUser(userInfo);
			session.setAttribute("role",role);
			model.addAttribute("role",role);
			return "redirect:/ucenter/index";
		} else {
			return "redirect:/login";
		}
	 }
	//管理员登录
	@RequestMapping("/adminlogin.do")
	protected String adminLogin(HttpServletRequest request,
								HttpServletResponse response,
								HttpSession session, Model model,
								RedirectAttributes attributes) throws Exception{
		response.setContentType("text/html;charset=UTF-8");
		//检查验证码
		Check check = new Check();
		check.doPost(request,response);
		boolean result = check.getResult();
		if (!result){
			//验证码核验未通过
			attributes.addFlashAttribute("message","登录失败,验证码不正确");
			return "redirect:/admin/login";
		} else{
			//验证码核验通过
			if (login(request,response,session,model,attributes)!=null){
				//核验是否是管理员
				UserInfo userInfo;
				userInfo = login(request,response,session,model,attributes);
				assert userInfo != null;

				Role role = roleService.SelectByUser(userInfo);
				Integer power = role.getPower();
				//预设权利小于等于3的为管理员组
				if(power<=3){
					session.setAttribute("role",role);
					model.addAttribute("role",role);
					return "redirect:/admin/index";
				}
				else {
					attributes.addFlashAttribute("message","登录失败,你不是管理员");
					return "redirect:/login";
				}
			} else {
				attributes.addFlashAttribute("message","登录失败,请检查你的用户名或密码");
				return "redirect:/admin/login";
			}
		}
	 }
	//登录动作
	private UserInfo login(HttpServletRequest request, HttpServletResponse response, HttpSession session, Model model,RedirectAttributes attributes) {
		response.setContentType("text/html;charset=UTF-8");
		/*获取表单中的用户名或者邮箱*/
		String userName = request.getParameter("userInfo.username");
		/*获取表单中的密码*/
		String password = request.getParameter("userInfo.password");
		//将数据写入临时UserInfo类user中
		UserInfo userInfo = new UserInfo();
		userInfo.setEmail(userName);
		userInfo.setUsername(userName);
		userInfo.setPassword(Md5Tool.code(password));
		//返回用户的完整信息
		userInfo = userActionService.login(userInfo);
		if(userInfo!=null&&userInfo.getId()>=1) {
				//登录成功
				session.setAttribute("userInfo",userInfo);
				model.addAttribute("userInfo",userInfo);
				return userInfo;
		} else {
			System.err.println("登录失败!");
			return null;
		}

	}
}

